mirror of
https://github.com/EssentialsX/Essentials.git
synced 2024-10-30 07:19:45 +01:00
Allow Exceptions in any inherited group to override negation of permissions.
This commit is contained in:
parent
8f810ad447
commit
92bb4e0e66
@ -16,7 +16,7 @@
|
|||||||
<arguments>
|
<arguments>
|
||||||
<dictionary>
|
<dictionary>
|
||||||
<key>LaunchConfigHandle</key>
|
<key>LaunchConfigHandle</key>
|
||||||
<value><project>/.externalToolBuilders/GroupManager.launch</value>
|
<value><project>/.externalToolBuilders/GroupManager_Builder.launch</value>
|
||||||
</dictionary>
|
</dictionary>
|
||||||
</arguments>
|
</arguments>
|
||||||
</buildCommand>
|
</buildCommand>
|
||||||
|
@ -222,4 +222,5 @@ v 2.0:
|
|||||||
- Store worldSelection indexed on the senders name rather than the object (fixes commandblocks using manselect).
|
- Store worldSelection indexed on the senders name rather than the object (fixes commandblocks using manselect).
|
||||||
- Check subgroup permissions with an equal priority so no one subgroup is higher ranked than another.
|
- Check subgroup permissions with an equal priority so no one subgroup is higher ranked than another.
|
||||||
- add recursive permission adding/deleting
|
- add recursive permission adding/deleting
|
||||||
- Prevent adding sub groups for ranks the granting player doesn't have access to.
|
- Prevent adding sub groups for ranks the granting player doesn't have access to.
|
||||||
|
- Allow Exceptions in any inherited group to override negation of permissions.
|
@ -5,6 +5,7 @@
|
|||||||
package org.anjocaido.groupmanager.permissions;
|
package org.anjocaido.groupmanager.permissions;
|
||||||
|
|
||||||
import java.util.ArrayList;
|
import java.util.ArrayList;
|
||||||
|
import java.util.Iterator;
|
||||||
import java.util.LinkedHashSet;
|
import java.util.LinkedHashSet;
|
||||||
import java.util.LinkedList;
|
import java.util.LinkedList;
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
@ -13,8 +14,8 @@ import java.util.Set;
|
|||||||
|
|
||||||
import org.anjocaido.groupmanager.GroupManager;
|
import org.anjocaido.groupmanager.GroupManager;
|
||||||
import org.anjocaido.groupmanager.data.Group;
|
import org.anjocaido.groupmanager.data.Group;
|
||||||
import org.anjocaido.groupmanager.dataholder.WorldDataHolder;
|
|
||||||
import org.anjocaido.groupmanager.data.User;
|
import org.anjocaido.groupmanager.data.User;
|
||||||
|
import org.anjocaido.groupmanager.dataholder.WorldDataHolder;
|
||||||
import org.anjocaido.groupmanager.utils.PermissionCheckResult;
|
import org.anjocaido.groupmanager.utils.PermissionCheckResult;
|
||||||
import org.bukkit.Bukkit;
|
import org.bukkit.Bukkit;
|
||||||
import org.bukkit.entity.Player;
|
import org.bukkit.entity.Player;
|
||||||
@ -121,6 +122,7 @@ public class AnjoPermissionsHandler extends PermissionsReaderInterface {
|
|||||||
public Set<String> getAllPlayersPermissions(String userName, Boolean includeChildren) {
|
public Set<String> getAllPlayersPermissions(String userName, Boolean includeChildren) {
|
||||||
|
|
||||||
Set<String> playerPermArray = new LinkedHashSet<String>();
|
Set<String> playerPermArray = new LinkedHashSet<String>();
|
||||||
|
Set<String> overrides = new LinkedHashSet<String>();
|
||||||
|
|
||||||
// Add the players own permissions.
|
// Add the players own permissions.
|
||||||
playerPermArray.addAll(populatePerms(ph.getUser(userName).getPermissionList(), includeChildren));
|
playerPermArray.addAll(populatePerms(ph.getUser(userName).getPermissionList(), includeChildren));
|
||||||
@ -147,18 +149,39 @@ public class AnjoPermissionsHandler extends PermissionsReaderInterface {
|
|||||||
// Add all group permissions, unless negated by earlier permissions.
|
// Add all group permissions, unless negated by earlier permissions.
|
||||||
for (String perm : groupPermArray) {
|
for (String perm : groupPermArray) {
|
||||||
boolean negated = (perm.startsWith("-"));
|
boolean negated = (perm.startsWith("-"));
|
||||||
|
|
||||||
|
// Overridden (Exception) permission defeats negation.
|
||||||
|
if (perm.startsWith("+")) {
|
||||||
|
overrides.add(perm.substring(1));
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
|
||||||
// Perm doesn't already exists and there is no negation for it
|
// Perm doesn't already exists and there is no negation for it
|
||||||
// or It's a negated perm where a normal perm doesn't exists (don't allow inheritance to negate higher perms)
|
// or It's a negated perm where a normal perm doesn't exists (don't allow inheritance to negate higher perms)
|
||||||
if ((!negated && !playerPermArray.contains(perm) && !wildcardNegation(playerPermArray, perm)) || (negated && !playerPermArray.contains(perm.substring(1)) && !wildcardNegation(playerPermArray, perm.substring(1))))
|
if ((!negated && !playerPermArray.contains(perm) && !wildcardNegation(playerPermArray, perm)) || (negated && !playerPermArray.contains(perm.substring(1)) && !wildcardNegation(playerPermArray, perm.substring(1))))
|
||||||
playerPermArray.add(perm);
|
playerPermArray.add(perm);
|
||||||
|
|
||||||
if (perm.startsWith("+") && wildcardNegation(groupPermArray, perm.substring(1))) {
|
|
||||||
playerPermArray.add(perm.substring(1));
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Process overridden permissions
|
||||||
|
|
||||||
|
Iterator<String> itr = overrides.iterator();
|
||||||
|
|
||||||
|
while (itr.hasNext()) {
|
||||||
|
|
||||||
|
String node = itr.next();
|
||||||
|
|
||||||
|
if (playerPermArray.contains("-" + node)) {
|
||||||
|
playerPermArray.remove("-" + node);
|
||||||
|
}
|
||||||
|
|
||||||
|
playerPermArray.add(node);
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
// Collections.sort(playerPermArray, StringPermissionComparator.getInstance());
|
// Collections.sort(playerPermArray, StringPermissionComparator.getInstance());
|
||||||
|
|
||||||
return playerPermArray;
|
return playerPermArray;
|
||||||
@ -1001,17 +1024,34 @@ public class AnjoPermissionsHandler extends PermissionsReaderInterface {
|
|||||||
if (start == null || targetPermission == null) {
|
if (start == null || targetPermission == null) {
|
||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
|
|
||||||
LinkedList<Group> stack = new LinkedList<Group>();
|
LinkedList<Group> stack = new LinkedList<Group>();
|
||||||
List<Group> alreadyVisited = new ArrayList<Group>();
|
List<Group> alreadyVisited = new ArrayList<Group>();
|
||||||
|
PermissionCheckResult result = new PermissionCheckResult();
|
||||||
|
|
||||||
stack.push(start);
|
stack.push(start);
|
||||||
alreadyVisited.add(start);
|
alreadyVisited.add(start);
|
||||||
|
|
||||||
|
// Set defaults.
|
||||||
|
result.askedPermission = targetPermission;
|
||||||
|
result.resultType = PermissionCheckResult.Type.NOTFOUND;
|
||||||
|
|
||||||
while (!stack.isEmpty()) {
|
while (!stack.isEmpty()) {
|
||||||
Group now = stack.pop();
|
Group now = stack.pop();
|
||||||
PermissionCheckResult resultNow = checkGroupOnlyPermission(now, targetPermission);
|
PermissionCheckResult resultNow = checkGroupOnlyPermission(now, targetPermission);
|
||||||
|
|
||||||
if (!resultNow.resultType.equals(PermissionCheckResult.Type.NOTFOUND)) {
|
if (!resultNow.resultType.equals(PermissionCheckResult.Type.NOTFOUND)) {
|
||||||
resultNow.accessLevel = targetPermission;
|
|
||||||
return resultNow;
|
if (resultNow.resultType.equals(PermissionCheckResult.Type.EXCEPTION)) {
|
||||||
|
resultNow.accessLevel = targetPermission;
|
||||||
|
return resultNow;
|
||||||
|
}
|
||||||
|
|
||||||
|
// Negation found so store for later
|
||||||
|
// as we need to continue looking for an Exception.
|
||||||
|
result = resultNow;
|
||||||
}
|
}
|
||||||
|
|
||||||
for (String sonName : now.getInherits()) {
|
for (String sonName : now.getInherits()) {
|
||||||
Group son = ph.getGroup(sonName);
|
Group son = ph.getGroup(sonName);
|
||||||
if (son != null && !alreadyVisited.contains(son)) {
|
if (son != null && !alreadyVisited.contains(son)) {
|
||||||
@ -1021,9 +1061,7 @@ public class AnjoPermissionsHandler extends PermissionsReaderInterface {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
PermissionCheckResult result = new PermissionCheckResult();
|
|
||||||
result.askedPermission = targetPermission;
|
|
||||||
result.resultType = PermissionCheckResult.Type.NOTFOUND;
|
|
||||||
return result;
|
return result;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user